<?php 
	session_start();
	include("../service/userService.php");
	$username = $_POST["username"];
	$password = md5($_POST["password"]);
	
	if (authenticateUser($username, $password, 1) == true) {
		$row = ConnectionManager::getInstance()->fetch(findUserBy($username));
		$_SESSION['usernameAdmin'][0] = $row["USER_ID"];
		$_SESSION['usernameAdmin'][1] = $username;
		$_SESSION['usernameAdmin'][2] = 1; // user type
        //$_SESSION['userid'] = $row["USER_ID"];
        
        $permissions = getPermissionOfUser($row["USER_ID"]);
        $perm_array = array();
        while($perm = mysql_fetch_array($permissions)){
            array_push($perm_array, $perm["PRI_NAME"]);
        }
        $_SESSION["permissions"] = $perm_array;
		echo "<script>window.location.href='../admin/index.php';</script>";
	} else echo "<script>window.location.href='../admin/index.php';</script>";
?>
